Vulnerabilities > Xerox > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-13 | CVE-2019-13172 | Classic Buffer Overflow vulnerability in Xerox Phaser 3320 Firmware V53.006.16.000 Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the Authentication Cookie of the web application that would allow an attacker to execute arbitrary code on the device. | 9.8 |
| 2020-03-13 | CVE-2019-13171 | Out-of-bounds Write vulnerability in Xerox Phaser 3320 Firmware V53.006.16.000 Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by one or more stack-based buffer overflow vulnerabilities in the Google Cloud Print implementation that would allow an unauthenticated attacker to execute arbitrary code on the device. | 9.8 |
| 2020-03-13 | CVE-2019-13169 | Classic Buffer Overflow vulnerability in Xerox Phaser 3320 Firmware V53.006.16.000 Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the Content-Type HTTP Header of the web application that would allow an attacker to execute arbitrary code on the device. | 9.8 |
| 2020-03-13 | CVE-2019-13168 | Classic Buffer Overflow vulnerability in Xerox Phaser 3320 Firmware V53.006.16.000 Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the attributes parser of the IPP service. | 9.8 |
| 2020-03-13 | CVE-2019-13165 | Classic Buffer Overflow vulnerability in Xerox Phaser 3320 Firmware V53.006.16.000 Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the request parser of the IPP service. | 9.8 |
| 2020-02-13 | CVE-2013-6362 | Use of Hard-coded Credentials vulnerability in Xerox products Xerox ColorCube and WorkCenter devices in 2013 had hardcoded FTP and shell user accounts. | 9.8 |
| 2019-10-04 | CVE-2019-17184 | Unspecified vulnerability in Xerox Atlalink Firmware Xerox AtlaLink B8045/B8055/B8065/B8075/B8090 C8030/C8035/C8045/C8055/C8070 printers with software before 101.00x.089.22600 allow an attacker to gain privileges. | 9.8 |
| 2019-04-12 | CVE-2019-10880 | OS Command Injection vulnerability in Xerox products Within multiple XEROX products a vulnerability allows remote command execution on the Linux system, as the "nobody" user through a crafted "HTTP" request (OS Command Injection vulnerability in the HTTP interface). | 9.8 |
| 2019-02-10 | CVE-2018-20771 | Improper Input Validation vulnerability in Xerox products An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. | 9.8 |
| 2019-02-10 | CVE-2018-20770 | SQL Injection vulnerability in Xerox products An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. | 9.8 |